Brocade Communications Systems Mobility 7131 Series Service Manual Page 24
- Page / 520
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
12 Brocade Mobility 7131 Access Point Product Reference Guide
53-1002517-01
1
• KeyGuard Encryption
• Wi-Fi Protected Access (WPA) Using TKIP Encryption
• WPA2-CCMP (802.11i) Encryption
In addition, the Mobility 7131 Access Point access point supports the following additional security
features:
• Firewall Security
• VPN Tunnels
• Content Filtering
For an overview on the encryption and authentication schemes available Mobility 7131 Access
Point, refer to Configuring Access Point Security on page 6-189.
Kerberos Authentication
Authentication is a means of verifying information transmitted from a secure source. If information
is authentic, you know who created it and you know it has not been altered in any way since it was
originated. Authentication entails a network administrator employing a software “supplicant” on
their computer or wireless device.
Authentication is critical for the security of any wireless LAN device. Traditional authentication
methods are not suitable for use in wireless networks where an unauthorized user can monitor
network traffic and intercept passwords. The use of strong authentication methods that do not
disclose passwords is necessary. The access point uses the Kerberos authentication service
protocol (specified in RFC 1510) to authenticate users/clients in a wireless network environment
and to securely distribute the encryption keys used for both encrypting and decrypting.
A basic understanding of RFC 1510 Kerberos Network Authentication Service (V5) is helpful in
understanding how Kerberos works. By default, WLAN devices operate in an open system network
where any wireless device can associate with an AP without authorization. Kerberos requires
device authentication before access to the wired network is permitted.
For detailed information on Kerbeors configurations, see Configuring Kerberos Authentication on
page 6-194.
EAP Authentication
The Extensible Authentication Protocol (EAP) feature provides access points and their associated
MUs an additional measure of security for data transmitted over the wireless network. Using EAP,
authentication between devices is achieved through the exchange and verification of certificates.
EAP is a mutual authentication method whereby both the MU and AP are required to prove their
identities. Like Kerberos, the user loses device authentication if the server cannot provide proof of
device identification.
Using EAP, a user requests connection to a WLAN through the access point Mobility 7131 Access
Point. The access point Mobility 7131 Access Point then requests the identity of the user and
transmits that identity to an authentication server. The server prompts the AP for proof of identity
(supplied to the Mobility 7131 Access Point by the user) and then transmits the user data back to
the server to complete the authentication process.
An MU is not able to access the network if not authenticated. When configured for EAP support, the
access point displays the MU as an EAP station.
- Brocade Mobility 7131 1
- Access Point 1
- Document History 2
- Contents 3
- Chapter 3 Getting Started 5
- Chapter 5 Network Management 6
- Chapter 8 CLI Reference 8
- Chapter 10 Adaptive AP 8
- Chapter B Usage Scenarios 9
- 53-1002517-01 10
- About This Guide 11
- Related publications 12
- Getting technical help 12
- Introduction 13
- New Features 14
- Hotspot Customization 15
- WAN Failover 15
- Proxy ARP Support 16
- Multi Cipher Support 16
- Dynamic Chain Selection 17
- Dedicated Sensor Support 17
- LED Disable 17
- Feature Overview 18
- 802.11n Support 19
- Sensor Support 19
- Mesh Roaming Client 21
- Separate LAN and WAN Ports 21
- Multiple Mounting Options 22
- Sixteen Configurable WLANs 22
- • Kerberos Authentication 23
- • EAP Authentication 23
- • WEP Encryption 23
- Kerberos Authentication 24
- EAP Authentication 24
- WEP Encryption 25
- KeyGuard Encryption 25
- Firewall Security 26
- VPN Tunnels 26
- VLAN Support 27
- Updatable Firmware 27
- Power-over-Ethernet Support 28
- MU-MU Transmission Disallow 28
- Voice Prioritization 29
- Support for CAM and PSP MUs 29
- Statistical Displays 29
- DHCP Support 30
- Transmit Power Control 30
- Mesh Networking 31
- Additional LAN Subnet 31
- Hotspot Support 32
- Manual Date and Time Settings 33
- Dynamic DNS 33
- Auto Negotiation 33
- Adaptive AP 33
- Rogue AP Enhancements 34
- QBSS Support 34
- Triple Radio Support 34
- IP Filtering 35
- MU Rate Limiting 35
- Per Radio MU Limit 35
- Power Setting Configuration 36
- AMSDU Transmission Support 36
- IPSec VPN Support 36
- Theory of Operations 37
- MAC Layer Bridging 38
- Media Types 39
- MU Association Process 39
- Operating Modes 40
- Management Access Options 41
- MAC Address Assignment 41
- Hardware Installation 43
- Package Contents 44
- Access Point Placement 45
- Power Options 47
- Power Injector System 47
- Cabling the Power Injector 49
- Mobility 7131N Access Point 50
- • Light pipe 55
- • Badge for light pipe 55
- • Decal for badge 55
- • Security cable (optional) 55
- LED Indicators 57
- Dual Radio (2.4/5 GHz) LEDs 59
- Single Radio 2.4 GHz LEDs 60
- Single Radio 5 GHz LEDs 60
- Setting Up MUs 61
- Getting Started 63
- Basic Device Configuration 65
- Configuring Device Settings 67
- Testing Connectivity 76
- Where to Go from Here? 76
- System Configuration 79
- Configuring Power Settings 82
- Available Power 83
- Power 2.4 GHz 84
- Maximum Transmit 84
- Power 5 GHz 84
- Power 5 GH 85
- Adaptive AP Setup 87
- Configuring Data Access 89
- LAN1, LAN2 or WAN interfaces: 90
- Importing a CA Certificate 93
- Ensure the 97
- Configuring SNMP Settings 99
- Feature MIB Feature MIB 100
- Mobility 7131 Access Point 103
- Mobility 7131 Access 103
- • Enabling SNMP Traps 104
- Enabling SNMP Traps 105
- Configuring LLDP Settings 111
- Mobility 7131 114
- Logging Configuration 115
- Updating Device Firmware 121
- Network Management 127
- Configuring VLAN Support 130
- Configuring WAN Settings 139
- • Novatel Merlin 870 143
- Configuring Port Forwarding 146
- Configuring Dynamic DNS 147
- Customizing a Hotspot Display 168
- (mutually exclusive) 173
- Configuring MU Rate Limiting 188
- Configuring Router Settings 190
- Setting the RIP Configuration 191
- Configuring IP Filtering 193
- Creating a Global Filter 196
- LAN and WLAN filter policies 197
- Assessing IP Filter Stats 199
- In this chapter 201
- Configuring Security Options 202
- Setting Passwords 202
- Mobility 205
- 7131 Access Point 205
- Configuring WEP Encryption 211
- Configuring Firewall Settings 222
- Available Protocols 226
- Configuring VPN Tunnels 228
- Configuring Auto Key Settings 236
- Configuring IKE Key Settings 238
- VPN Configuration - Example 241
- Viewing VPN Status 242
- Displaying Rogue AP Details 250
- Configuring the Radius Server 253
- Group Member 256
- Attribute 256
- Mapping Users to Groups 259
- Monitoring Statistics 265
- Viewing LAN Statistics 268
- Viewing Wireless Statistics 273
- Viewing WLAN Statistics 274
- Viewing Radio Statistics 279
- Retry Histogram 282
- Viewing MU Statistics Summary 283
- Viewing MU Details 284
- Pinging Individual MUs 286
- MU Authentication Statistics 286
- CLI Reference 293
- Admin and Common Commands 294
- Description: 295
- Syntax: 295
- Example: 295
- Network Commands 298
- Network Type Filter Commands 310
- Network WAN Commands 313
- Network WAN NAT Commands 315
- Related Commands: 318
- Network Wireless Commands 330
- Network ACL Commands 348
- GHz].advanced)>show 358
- GHz].advanced)>set 359
- GHz].mesh)>show 360
- GHz].mesh)>delete 361
- Descripton: 370
- Network Rogue-AP Commands 373
- Network Firewall Commands 380
- Network Router Commands 383
- Network IP Filter Commands 387
- System Commands 390
- Power Setup Commands 394
- Adaptive AP Setup Commands 395
- LLDP Commands 398
- System Access Commands 399
- Description: ) 402
- System SNMP Commands 407
- System SNMP Traps Commands 410
- System User Database Commands 415
- System Radius Commands 421
- Description: set 425
- zone-list 434
- System Log Commands 435
- Firmware Update Commands 443
- Statistics Commands 445
- Configuring Mesh Networking 455
- Spanning Tree Protocol (STP) 457
- Defining the Mesh Topology 457
- Normal Operation 458
- Configuring AP#1: 470
- Configuring AP#2 474
- Configuring AP#3 474
- Configuring AP#1 476
- Where to Go From Here 484
- Adaptive AP Management 484
- Licensing 484
- Switch Discovery 484
- Auto Discovery using DHCP 485
- Manual Adoption Configuration 485
- Adaptive AP WLAN Topology 486
- Configuration Updates 486
- Adaptive AP Switch Failure 487
- Adaptive Mesh Support 487
- Extended WLANs Only 488
- Independent WLANs Only 489
- Adaptive AP Configuration 491
- Option Data Type Value 492
- Switch Configuration 493
- IPSec and Independent WLAN 496
- Technical Specifications 501
- Electrical Characteristics 502
- Country Codes 503
- Country Code Country Code 504
- Usage Scenarios 507
- Code Data type 508
- • 1 TFTP Server 509
- DHCP Priorities 510
- BootP Options 511
- • Sends a true BootP request 512
- BootP Priorities 513
- • 1 Cisco VPN device 517
Related products and manuals for WLAN access points Brocade Communications Systems Mobility 7131 Series
(65 pages)© 2020, manymanuals.com. All rights reserved. | 4.259 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals